Summary
A BIG-IP GTM synchronization group is a collection of multiple BIG-IP GTM systems that synchronize BIG-IP GTM configuration settings and metrics information. You must meet several minimum requirements for BIG-IP GTM synchronization group members to communicate and synchronize properly.
Description
For the BIG-IP GTM synchronization group members to properly synchronize their configuration, you must verify that the following requirements are in place:
* The BIG-IP GTM synchronization group members must be running the same software version
A BIG-IP GTM device should be running the same software version as other members in the synchronization group; BIG-IP GTM devices running different software versions will not be able to communicate and properly synchronize GTM configuration and zone files. For information about displaying the software version, refer to SOL8759: Displaying the BIG-IP software version.
* The synchronization parameters must be properly defined on all members
Synchronization must be enabled and each device must have the same synchronization group name. You can define the synchronization parameters by navigating to System > Configuration > Device > GTM > General.
* NTP must be configured on each device Before you can synchronize BIG-IP GTM systems, you must define the Network Time Protocol (NTP) servers for all synchronization group members. Configuring NTP servers ensures that each BIG-IP GTM synchronization group member is referencing the same time when verifying the configuration data that needs to be synchronized. You can configure NTP by navigating to System > Configuration > Device > NTP.
* Port Lockdown must be set properly for the relevant self IP addresses
Port lockdown is a security feature that specifies the protocols and services from which a self IP address can accept traffic. F5 recommends using the Allow Default option for self IP addresses that are used for synchronization and other critical redundant pair intercommunications. You can configure port lockdown by navigating to Network > Self IPs.
* TCP port 4353 must be allowed between devices BIG-IP GTM synchronization group members use TCP port 4353 to communicate. You must verify that port 4353 is allowed between BIG-IP GTM devices.
* Compatible big3d versions must be installed on synchronization group members
The big3d process runs on BIG-IP systems and collects performance information on behalf of the BIG-IP GTM system. For metrics collection to work properly, synchronization group members must run the same version of the big3d process. For more information about verifying big3d version information, refer to SOL13703: Overview of big3d version management.
* A valid device certificate must be installed on all members
The device certificate is used by the F5 system to identify itself to a requesting F5 client system. The default device certificate, /config/httpd/conf/ssl.crt/server.crt, must be installed on each sync group member. You can verify the certificate validity by navigating to System > Device Certificates.
more:http://support.f5.com/kb/en-us/solutions/public/13000/700/sol13734.html
No comments:
Post a Comment